DeBot plans refund after major hack

The days following Christmas have been a nightmare for DeBot, a popular AI-driven DeFi trading bot and wallet tool, which faced a security incident that saw community members report abnormal asset transfers from user wallets. 

The team behind the bot has since responded, promising refunds while assuring the core architecture was not affected. 

DeBot plans refund after major hack 

According to on-chain data, the hackers got away with about $255,000 in assets, consolidated to some addresses on BSC, with some funds funneled to Tornado Cash, where they were laundered. 

The founder of the SlowMist blockchain security outfit has claimed that the risk addresses are still vulnerable. He advised anyone with assets on them to move them.  

The DeBot team has also responded to the crisis with posts on X containing updates as well as plans for moving forward. According to one post, the DeBot secure wallet addresses are operating normally and were not affected in any way. 

The team acknowledged that there were relevant situations with some addresses, but that they are following up and handling them properly. For those worried about their assets, the team encouraged them to transfer said assets from their respective risk wallets to the secure wallet address. 

Additionally, the team has promised that all users who were affected by the hack will receive full compensation following a comprehensive review and tally. According to them, the hack only affected wallets imported or generated before December 10. 

They claim addresses that were generated or imported after December 10 are all secure wallets and unaffected, and they are working without a hitch. 

Trust Wallet suffered a similar issue 

Users of DeBot who were affected by the hack claimed that their assets were transferred out of their wallets. Those statements are reminiscent of the accounts given by victims of the Trust wallet hack, which saw the hacker get away with up to $7 million, as reported by Cryptopolitan. 

The theft of funds occurred shortly after the Binance-linked Trust Wallet released an updated version of its extension for the Chrome web browser. The breach was flagged on December 25 by on-chain detective ZachXBT and has since been confirmed by the wallet team.

“Community alert: A number of Trust Wallet users have reported that funds were drained from wallet addresses within the past couple hours,” ZachXBT posted on Telegram. “While the exact root cause has not been determined coincidentally the Trust Wallet Chrome extension pushed a new update yesterday.”

The breach targeted version 2.68 of Trust Wallet’s browser extension, according to what the wallet team posted on X. The team also urged users not to open that version and to upgrade to version 2.69. “Mobile-only users and all other browser extension versions are not impacted,” they claimed. 

Like DeBot, there is a promise to reimburse the stolen funds according to Changpeng Zhao, a co-founder of Binance.

Both exploits, which happened within close proximity to each other, targeted crypto wallets and have highlighted the importance of constant vigilance from all parties because the hackers are not taking any breaks. 

Crypto theft has already risen to $6.75 billion this year, according to a Chainalysis report. The number of personal wallet compromises has also surged to 158,000 from 64,000 last year, though the amount stolen accounted for 20% of the total, down from 44%.

Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.